[c-nsp] Securing Exchange 2003

James O'Farrell James.O'Farrell at valuelink.co.uk
Fri Jul 22 11:52:33 EDT 2005 

In that case it is should not be too much of a hassle

I assume a setup of 

Client --- Internet ---  FW  --- Exchange ---  FW  --- Internal(DC/AD)
				 1				2

At 1;
Your chosen delivery method probably smtp(TCP 25)
And HTTP(TCP 80)/HTTPS(TCP 443) for RCP over HTTP/s

At 2;
LDAP to DC TCP 389 and UDP389
LDAP to GC TCP 3268
Kerberos TCP 88 and UDP 88
DNS TCP 53 and UDP 53


That should do the trick.
There may be an issue with RPC in which case you may need to open (try
without first) 
RPC port endpoint mapper TCP 135
And RPC service ports 1024-65535 (it would be a good idea to reghack
this to a single port for security reasons)

I hope that helps, I have never set this up on a single server before,
good luck... 

As for Citrix I have not thought of that.

JOF


	

-----Original Message-----
From: Paul Stewart [mailto:pstewart at nexicomgroup.net] 
Sent: 22 July 2005 16:34
To: James O'Farrell; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] Securing Exchange 2003

Nope... Just one single server.... It only services about 60-70
accounts... 

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of James O'Farrell
Sent: Friday, July 22, 2005 11:24 AM
To: cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] Securing Exchange 2003

Are you using a Front-end/Back-end setup?

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Steve Wright
Sent: 22 July 2005 16:17
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Securing Exchange 2003


> Do you want to offer a full blown Exchange/outlook service or are you 
> happy with outlook web access?

I'd be interested to see what people setup for the full shebang with
exchange, either on a PIX or router.

If anyone would care to share, it would be very much appreciated!

Thanks,

S



This message has been scanned for viruses by MailController -
www.MailController.altohiway.com
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



ValueLink is a specialist service provider of financial data to the
major UK and International centres. Our clients require reliable,
accurate data with maximum coverage on a fixed time delayed basis. We
work closely with each of our clients to provide a service which meets
their specific requirements and maximises efficiency of their process. 

For further information visit our website @ www.valuelink.co.uk

CONFIDENTIALITY: The information in this e-mail and any attachment is
confidential. It is intended only for the named recipient(s). If you are
not a named recipient, please notify the sender immediately and do not
read, use, copy or disseminate this information.

ValueLink Information Services Ltd accepts no liability whatsoever for
any direct or consequential loss arising from the use, or reliance on,
this e-mail or it's contents.



_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list